From 181f536c718a89ac0bf530a89aa936ed3e336122 Mon Sep 17 00:00:00 2001
From: jitendrapurohit
Date: Tue, 7 Jul 2015 15:19:06 +0530
Subject: [PATCH] api test for CRM-16796
---
Civi/API/Subscriber/PermissionCheck.php | 10 ++--
api/v3/examples/UFField/Replace.php | 1 +
tests/phpunit/CiviTest/CiviUnitTestCase.php | 59 +++++++++++++--------
tests/phpunit/api/v3/UFFieldTest.php | 40 ++++++++++++++
4 files changed, 83 insertions(+), 27 deletions(-)
diff --git a/Civi/API/Subscriber/PermissionCheck.php b/Civi/API/Subscriber/PermissionCheck.php
index 184a8305b9..4603eaf9d9 100644
--- a/Civi/API/Subscriber/PermissionCheck.php
+++ b/Civi/API/Subscriber/PermissionCheck.php
@@ -88,10 +88,12 @@ class PermissionCheck implements EventSubscriberInterface { } /** - * check API for ACL permission. - * @param $apiRequest - * @return bool - */ + * Check API for ACL permission. + * + * @param array $apiRequest + * + * @return bool + */ public function checkACLPermission($apiRequest) { switch ($apiRequest['entity']) { case 'UFGroup':
diff --git a/api/v3/examples/UFField/Replace.php b/api/v3/examples/UFField/Replace.php
index fc95c90439..f94ad49347 100644
--- a/api/v3/examples/UFField/Replace.php
+++ b/api/v3/examples/UFField/Replace.php
@@ -41,6 +41,7 @@ function uf_field_replace_example() { 'phone_type_id' => 1, ), ), + 'check_permissions' => TRUE, ); try{
diff --git a/tests/phpunit/CiviTest/CiviUnitTestCase.php b/tests/phpunit/CiviTest/CiviUnitTestCase.php
index 2bf7e806ae..a7a361e338 100755
--- a/tests/phpunit/CiviTest/CiviUnitTestCase.php
+++ b/tests/phpunit/CiviTest/CiviUnitTestCase.php
@@ -3025,7 +3025,7 @@ AND ( TABLE_NAME LIKE 'civicrm_value_%' ) * $this->_permissionedDisabledGroup = $this->groupCreate(array('title' => 'pick-me-disabled', 'is_active' => 0, 'name' => 'pick-me-disabled')); * $this->_permissionedGroup = $this->groupCreate(array('title' => 'pick-me-active', 'is_active' => 1, 'name' => 'pick-me-active')); */ - public function setupACL() { + public function setupACL($isProfile = FALSE) { global $_REQUEST; $_REQUEST = $this->_params; 
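Review bot: The docblock that closes just above the changed signature does not describe the new `$isProfile` argument, so a caller cannot tell from it that `setupACL(TRUE)` builds a different ACL fixture. Judging from the next hunk, TRUE inserts a single `civicrm_acl` row giving role 55 'Edit' on `civicrm_uf_group` with `object_id` 0 in place of the two `civicrm_saved_search` rows. I would add `@param bool $isProfile` with a one-line description saying exactly that, and noting that `object_id` 0 presumably means every profile rather than one specific profile (to be confirmed). The docblock starts and the method body continues outside this hunk.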
@@ -3047,36 +3047,49 @@ AND ( TABLE_NAME LIKE 'civicrm_value_%' ) CRM_Core_DAO::executeQuery(" INSERT INTO civicrm_acl_entity_role ( - `acl_role_id`, `entity_table`, `entity_id` - ) VALUES (55, 'civicrm_group', {$this->_permissionedGroup}); + `acl_role_id`, `entity_table`, `entity_id`, `is_active` + ) VALUES (55, 'civicrm_group', {$this->_permissionedGroup}, 1); "); - CRM_Core_DAO::executeQuery(" - INSERT INTO civicrm_acl ( - `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active` - ) - VALUES ( - 'view picked', 'civicrm_group', $this->_permissionedGroup , 'Edit', 'civicrm_saved_search', {$this->_permissionedGroup}, 1 - ); - "); + if ($isProfile) { + CRM_Core_DAO::executeQuery(" + INSERT INTO civicrm_acl ( + `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active` + ) + VALUES ( + 'view picked', 'civicrm_acl_role', 55, 'Edit', 'civicrm_uf_group', 0, 1 + ); + "); + } + else { + CRM_Core_DAO::executeQuery(" + INSERT INTO civicrm_acl ( + `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active` + ) + VALUES ( + 'view picked', 'civicrm_group', $this->_permissionedGroup , 'Edit', 'civicrm_saved_search', {$this->_permissionedGroup}, 1 + ); + "); + + CRM_Core_DAO::executeQuery(" + INSERT INTO civicrm_acl ( + `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active` + ) + VALUES ( + 'view picked', 'civicrm_group', $this->_permissionedGroup, 'Edit', 'civicrm_saved_search', {$this->_permissionedDisabledGroup}, 1 + ); + "); + //flush cache + CRM_ACL_BAO_Cache::resetCache(); + CRM_Contact_BAO_Group::getPermissionClause(TRUE); + CRM_ACL_API::groupPermission('whatever', 9999, NULL, 'civicrm_saved_search', NULL, NULL, TRUE); + } - CRM_Core_DAO::executeQuery(" - INSERT INTO civicrm_acl ( - `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active` - ) - VALUES ( - 'view picked', 'civicrm_group', 
$this->_permissionedGroup, 'Edit', 'civicrm_saved_search', {$this->_permissionedDisabledGroup}, 1 - ); - "); $this->_loggedInUser = CRM_Core_Session::singleton()->get('userID'); $this->callAPISuccess('group_contact', 'create', array( 'group_id' => $this->_permissionedGroup, 'contact_id' => $this->_loggedInUser, )); - //flush cache - CRM_ACL_BAO_Cache::resetCache(); - CRM_Contact_BAO_Group::getPermissionClause(TRUE); - CRM_ACL_API::groupPermission('whatever', 9999, NULL, 'civicrm_saved_search', NULL, NULL, TRUE); } /**
diff --git a/tests/phpunit/api/v3/UFFieldTest.php b/tests/phpunit/api/v3/UFFieldTest.php
index c21ef3531b..9d4b01a27a 100644
--- a/tests/phpunit/api/v3/UFFieldTest.php
+++ b/tests/phpunit/api/v3/UFFieldTest.php
@@ -196,6 +196,7 @@ class api_v3_UFFieldTest extends CiviUnitTestCase { 'uf_group_id' => $this->_ufGroupId, 'option.autoweight' => FALSE, 'values' => $baseFields, + 'check_permissions' => TRUE, ); $result = $this->callAPIAndDocument('uf_field', 'replace', $params, __FUNCTION__, __FILE__); 
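Review bot: The three cache-flush calls were moved into the `else` branch of `setupACL()`, so the `$isProfile` path inserts its `civicrm_acl` row and never calls `CRM_ACL_BAO_Cache::resetCache()`. On the other path the flush now runs before `callAPISuccess('group_contact', 'create', ...)` adds the logged-in user to `_permissionedGroup`, where it used to run after. If an ACL lookup was cached earlier in the run, the permission result could then reflect stale state rather than the rows just inserted, which is a weak basis for a test of an access check. Unless the reordering is deliberate, keep the `//flush cache` block unconditional and after the `group_contact` call, as it was before this change. The method starts in the previous hunk and appears to close within this one.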
@@ -217,4 +218,43 @@ class api_v3_UFFieldTest extends CiviUnitTestCase { } } + /** + * Check Profile API permission without ACL. + */ + public function testProfilesWithoutACL() { + $this->createLoggedInUser(); + $baseFields[] = array( + 'field_name' => 'first_name', + 'field_type' => 'Contact', + 'visibility' => 'Public Pages and Listings', + 'weight' => 3, + 'label' => 'Test First Name', + 'is_searchable' => 1, + 'is_active' => 1, + ); + CRM_Core_Config::singleton()->userPermissionClass->permissions = array('access CiviCRM'); + $params = array( + 'uf_group_id' => $this->_ufGroupId, + 'option.autoweight' => FALSE, + 'values' => $baseFields, + 'check_permissions' => TRUE, + ); + $this->_loggedInUser = CRM_Core_Session::singleton()->get('userID'); + $result = $this->callAPIFailure('uf_field', 'replace', $params); + } + + /** + * Check Profile ACL for API permission. + */ + public function testACLPermissionforProfiles() { + $this->createLoggedInUser(); + $this->_permissionedGroup = $this->groupCreate(array( + 'title' => 'Edit Profiles', + 'is_active' => 1, + 'name' => 'edit-profiles', + )); + $this->setupACL(TRUE); + $this->testReplaceUFFields(); + } + } -- 2.25.1
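Review bot: `testACLPermissionforProfiles` never narrows the user's permissions before calling `testReplaceUFFields()`, so nothing in this hunk shows that the replace succeeds because of the ACL row rather than because the logged-in test user already holds a sufficient permission. Setting `CRM_Core_Config::singleton()->userPermissionClass->permissions = array('access CiviCRM');` before `$this->setupACL(TRUE);`, as `testProfilesWithoutACL` does, would make the two tests differ only by the ACL. In `testProfilesWithoutACL` the `$result` of `callAPIFailure` is discarded, so any failure (a validation error, for instance) passes the test; assert on `$result['error_message']` that the failure is the permission denial. That test also leaves the overridden `permissions` array in place, which may leak into later tests unless tearDown resets it (not visible here).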